11 Mar 2010

feedDevZone - Items tagged as: Zend Framework

Joseph Crawford's Blog: Zend Framework: Creating RESTful Applications

Joseph Crawford has a new post to his blog today with a look at his use of the Zend_Rest_Controller and Zend_Rest_Route components of the Zend Framework to create a simple REST service .

11 Mar 2010 5:25pm GMT

Webinar - New in Zend Framework 1.10!

Zend Framework 1.10 sports a ton of new features, as well as completely revamped online documentation. In this webinar, Matthew Weier O'Phinney, Framework Project Lead, and Ralph Schindler, Zend Framework Software Engineer, will present a synopsis of the new features, discuss the new online documentation system and how it's built, and answer your questions about the new release….

11 Mar 2010 4:27pm GMT

feedCI News

EllisLab moves to Mercurial, Assembla, BitBucket; CodeIgniter 2.0 Baking

EllisLab today announces changes to our internal development processes, including dropping Subversion in favor of Mercurial and adopting Assembla as our agile software development management tool. Along with these changes, CodeIgniter 2.0 pre-release code is in development, and is now hosted at the Mercurial-focused social coding site BitBucket.

At EllisLab we make ExpressionEngine, the CMS for web professionals, and CodeIgniter, the only PHP framework to receive praise from Rasmus Lerdorf, the creator of PHP. We're based out of Bend, Oregon, but only two staff members live there. The rest are scattered roughly from West to East in Portland, Missouri, Illinois, Toronto, North Carolina, Ireland, the UK, Germany, and Austria. In addition to very little face to face interaction with one another, our developers have to deal with as much as a 9 hour difference from other team members. So we've adopted and continue to adopt methodologies and technologies to bridge those gaps and enable us to be as productive as if we were all in the same building, working the same hours.

Version Control

One no-brainer, and I hope most of you are using it as well, is version control. Since 2005, we've been using Subversion, and it has performed admirably, particularly during the majority of ExpressionEngine's life when there were only two Sith developers working on a project. The first year that Subversion was in use, we even shared a single user and did not use commit messages. That works fine when you can read the rest of your team's minds, and you aren't using version control for revisioning, but merely for convenient file sharing.

But Subversion comes with a lot of baggage, some of which becomes heavier in proportion to the distance between team members, and as both your projects and team increase in size. Commits and diffs become laborious on even the fastest of networks. The size of the repository balloons if you try to use basic features of branches and tagging. Renaming and moving files is a pain, and can jam up your fellows' repositories. And don't even think about working independently and merging.

These and other issues led us to examine dozens of version control systems (VCSes) to find the right fit for our team. We looked at Git first, whose growth can be largely attributed to the popularity of GitHub, then Bazaar, darcs, Monotone, Perforce, BitKeeper, and so on. But after weeks of research and test use, we settled comfortably into Mercurial.

Now before the Git readers get their pitchforks ready and head for the comments, let me be clear that we are not at odds. Both are great distributed version control systems (DVCSes), have nearly identical features, and have a common enemy: Subversion. So our switch to Mercurial means that Git users win too - joining a growing army against centralized version control. It just happens to be that a few of the divergent features swing slightly towards Mercurial for our specific needs, but above all, our team enjoyed using Mercurial more than Git. Not that we didn't enjoy Git, we just enjoyed Mercurial more, and why is hard to quantify but there was obviously no reason to fight it. We're here to write code and create great applications; the more that our use of any VCS can fade into the background to accomplish that goal, the better.

Scrum

When your development team grows beyond two people, the mind meld dissolves, the ability to know at any given moment what the rest of the team is doing, and how well they are doing it dissipates. Cowboy coding's ability to be effective diminishes. So a little over a year ago, we began looking at various agile software development methods, and decided to try out Scrum. It's been a tremendous success.

To bring Scrum to a team spread across the world, we've been using technology to create a virtual office. Google Docs for shared spreadsheets to track our Sprints and burndown charts. Planning Poker to help us plan Sprints. Neither tool ever felt like a perfect match for us, though. Whether it's the clumsy manner in which product backlog items are stored and moved to a new spreadsheet to create Sprints, or not having the hour estimation card that we really wanted to play - resulting in a lot of "I estimated 16 hours but I really mean 12" - these tools were getting us by, but were not the most effective.

Enter Assembla, a tool we came across in our search for a new VCS. Assembla is the perfect blend of what our developers and our product owners need for project management, and that mix is remarkably difficult to find. It gives developers the ability to use any VCS they like, including those on your own servers, fully integrated with a ticketing system that is built from the ground up for agile software development. Product owners are given a visual ticket organizer to effortlessly create Sprints from categorized backlogs. Add to that a Scrum tool to make standing meetings less intrusive to the varied working hours of our distributed team, and it's near perfection.

Assembla is the product that is saving us from having to write our own agile software management tool. We've moved all of our software projects into Assembla. This is a tool anyone working in a team should check out.

This is a behind the scenes change of course so it may seem inconsequential, but all of our users will benefit. Like Mercurial, this logistical portion of our virtual office can just do what it's meant to do and thus fade into the background, letting us focus on getting things done instead of on processes.

CodeIgniter

Of our communities, CodeIgniter benefits the most directly from these changes. The adoption of a new VCS and new internal development tools allows us to not only be more effective in CodeIgniter's development, but also enables us to give you more and to interact more directly with you.

Starting today, CodeIgniter 2.0 is baking, and I'm thrilled to announce that with Subversion gone, in-development code is available publicly on its new home: BitBucket.

After adopting Mercurial, joining BitBucket was a perfect fit for our open source projects. It has a beautiful source code browser and will make watching code changes a breeze with its graphical changeset viewer and RSS/Atom feeds.

It also comes with a rich social layer, quick access to tagged versions, along with forking and patch queue management for advanced users. Do you find yourself making the same modifications to CodeIgniter before beginning a project? BitBucket and Mercurial can help you do that and share it with others with ease, using any version in the upstream repository.

We're really excited to watch CodeIgniter's growth accelerate due to these changes. A discussion of CodeIgniter 2.0's features and direction will be forthcoming, so be looking for that in the future in the news section of CodeIgniter.com. What are you waiting for? Go sign up at BitBucket and become a zealot, following the CodeIgniter project!

Discuss this story

11 Mar 2010 4:00pm GMT

10 Mar 2010

feedDevZone - Items tagged as: Zend Framework

DZone.com: Q&A with Jason Gilmore: The Zend Framework

On DZone.com today there's a new interview by Lyndsey Clevesy with Jason Gilmore looking at the Zend Framework and some of the general things to expect in coming versions.

10 Mar 2010 1:12am GMT

07 Mar 2010

feedsymfony Project Blog

A week of symfony #166 (1->7 March 2010)

Symfony 2 development got a boost this week with lots of chagesets, mostly related with the upcoming Doctrine 2 bundle.

Development mailing list

Development highlights

Symfony 1.X branch:

Symfony 2.X branch:

sfDoctrinePlugin:

sfPropelPlugin:

...and many other changes

Development digest: 90 changesets, 18 bugs reported, 16 bugs fixed, 2 enhancements suggested, 3 enhancements closed, 8 documentation defects reported, 25 documentation defects fixed, and 16 documentation edits.

Documentation

New developers for hire

Plugins

New symfony powered websites

They talked about us

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

07 Mar 2010 9:05pm GMT

05 Mar 2010

feedDevZone - Items tagged as: Zend Framework

Ben Scholzen's Blog: Modern Application Design - Part 1

Ben Scholzen has started a serial about modern appication design on his blog. As base of this serial he is using his blog source for demonstration.

05 Mar 2010 10:13pm GMT

Matthew Weier O'Phinney's Blog: Responding to Different Content Types in RESTful ZF Apps

Continuing on from his previous articles on working with REST in Zend Framework applications (and making the endpoints for a web service) Matthew Weier O'Phinney has a new tutorial with the next logical step in the series, automatically responding to different content types in your application based on the content-type the client sends.

05 Mar 2010 9:11pm GMT

Michael Kimsal's Blog: Zend Framework and Doctrine integration - autoloading of doctrine models

Michael Kimsal has a new post today looking at using Doctrine models in a Zend Framework application and how to get them to autoload when you need them with the help of Zend's Zend_Loader_Autoloader.

05 Mar 2010 4:56am GMT

Rob Allen's Blog: Zend Framework, IIS and 500 errors

If you've been using the Zend Framework on a Windows platform (running IIS as the web server) and have been getting some 500 errors and have been left lacking the detail you need on the problem, you should read this new post from Rob Allen about an IIS setting that can help you out.

05 Mar 2010 4:53am GMT

How to avoid Identity Theft in Zend Framework with Zend Auth

While there are many major security issues possible in a web application, there is a particular one that bugged me for some time. The Identity theft - Broken account and session management issue. Why can one so easily still my session id cookie and suddenly gain access to my account in one particular web application? I know it its rather impossible to make this 100% hack-proof but I strongly believe that the system should be improved as much as possible. Our goal is to implement a Zend Auth extension that adds a new level of security to the previously mentioned class. This extension - let's call it Project_Application_Auth - would check the Zend Auth storage for the IP and/or User Agent. In order to do so, these should be set in the login process in the storage. If the IP is different then the initial IP from the login process and / or the User Agent is not the same as the initial User Agent from the login process, then our extension would tell us that it is not a secure identity (aka it is safe to assume it has been stolen) and thus we should disconnect the user.

05 Mar 2010 4:30am GMT

04 Mar 2010

feedCI News

EECI2010 Full Ticket Giveaway

The ExpressionEngine and CodeIgniter Conference (EECI2010) in May is the CodeIgniter and ExpressionEngine event to go to this year. We want you to join the fun, so we're giving away a full conference ticket to the year's biggest event. Read the full details and how to enter at the ExpressionEngine blog.

Read details for the EECI2010 Full Ticket Giveaway

04 Mar 2010 8:48pm GMT

feedsymfony Project Blog

Symfony 2.0 and the PHP Ecosystem

Unless you've been living under a rock, you have already heard a lot about Symfony 2. The buzz on the Internet, and especially on Twitter and on blogs, have been terrific so far. Today, I won't really talk about the Symfony 2 features. If you want to give Symfony 2 a try, you'd better read the "Quick tour" tutorial on the Symfony reloaded website. This post is more about one key aspect of the Symfony 2 philosophy. Hopefully, it will help you better understand the reasoning behind most of our decisions.

Symfony 2 is all about having a better core architecture. The old Mojavi classes are now all gone. They have been replaced with a more flexible foundation. This will allow Symfony to be used to develop both very small websites like personal homepages and also very big ones that have specific needs. The new architecture also gives us the opportunity to fix the mistakes we made in symfony 1 and to incorporate all the feedback we received during the last four years.

Symfony 2 still aims to be a full-stack framework but with a slightly different philosophy. You know that we don't like to reinvent the wheel, and so symfony 1 is already built on top a lot of different third-party libraries (Propel, Doctrine, Swiftmailer just to name a few). For Symfony 2, we have decided to take it to the next level. The Symfony core team will concentrate more on providing a great low-level architecture and we will rely even more on third-party libraries whenever possible for everything else.

The first visible decision we made was to replace our logger and caching libraries with the Zend Framework ones. We spent a lot of time writing these classes and maintaining them over the years, but whenever we take a decision for Symfony 2, we try to think about what is best for the project in the long run. It's never about personal ego.

But of course, we won't use a library just because it exists. Five years ago, I decided to create lime for our unit tests, instead of using an existing library like SimpleTest or PHPUnit. And I did that for some good reasons: among them, I wanted a simple way to write unit tests to lower the barriers of entry to unit testing. But things have changed a lot since then. First, PHPUnit is now the de-facto standard library for unit testing, and PHP developers are more comfortable with the whole testing concept. So, the core team has decided to switch from lime to PHPUnit for Symfony 2.

I like what Paul Lomax tweeted some days ago about that: "Use what's out there; realise it sucks; write your own; wait until others suck less; dump your own; use other."

Using PHPUnit instead of lime basically means we have less code to maintain ourselves. It's like having Sebastian Bergmann on board; one more great PHP developer helping us making Symfony better. But using PHPUnit also has a lot of other advantages:

Bernhard will keep on working on Lime 2, but he will also have more time to work on core Symfony features like the new form framework.

Using third-party projects is great but only if they can be integrated into the Symfony core in a cohesive and transparent way. That's where the Dependency Injection Container comes into play. Symfony 2 is entirely built around a Dependency Injection Container. Besides the flexibility it gives to the developer, it's also a great way to easily integrate third-party code. If you are curious, have a look at the DoctrineBundle plugin or the Swiftmailer one to see what I mean.

Keep in mind that Symfony 2 is not ready for prime time. We have published a preview release to gather feedback early in the process. So, feel free to play with the new code base and don't hesitate to provide as much feedback as possible.

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

04 Mar 2010 1:32pm GMT

feedWithCake.com Companies Hiring

qpLogic Europe

We can use immediately an experienced Cake developer for assisting us with developing a multi-lingual application that needs some Jake/Joomla (css) integration. We have continuously Cake projects and prefer to work with a team of individual developers in multiple time zones. Please show me that you are experienced, affordable and have at least 24 hours available per week (40 is better ;-).

04 Mar 2010 11:54am GMT

02 Mar 2010

feedDevZone - Items tagged as: Zend Framework

ZendCasts.com: Creating Custom Zend_Form Decorators

On ZendCasts.com today there's a new screencast aimed at showing off custom Zend_Form decorators for your Zend Framework application.

02 Mar 2010 9:15pm GMT

Connecting Flex 4 and RESTful Web Services using Zend Framework

With Adobe's latest incarnation of the Flex Framework and the Flash Builder integrated development environment ( IDE ), creating truly engaging front-end clients is now more streamlined. Some of the useful tools and features covered in this article are the Data/Services, Test Operation, and Network Monitor additions to Flash Builder. In this article, I explain how to set up a simple Representational State Transfer ( REST ) service using the Zend Framework 1.9 locally and connect to it in the Flex 4 application.

02 Mar 2010 7:04pm GMT

28 Feb 2010

feedsymfony Project Blog

A week of symfony #165 (22->28 February 2010)

This week, three symfony security releases were published (1.2.12, 1.3.3 and 1.4.3). In addition, Yaml component gained lots of fixes and Doctrine Bundle integration with Symfony 2 was improved.

Development mailing list

Development highlights

Symfony 1.X branch:

Symfony 2.X branch:

...and many other changes

Development digest: 149 changesets, 36 bugs reported, 17 bugs fixed, 7 enhancements suggested, 5 documentation defects reported, 4 documentation defects fixed, and 12 documentation edits.

Documentation

New Job Postings

New developers for hire

Plugins

New symfony powered websites

They talked about us

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

28 Feb 2010 10:00pm GMT

27 Feb 2010

feedDevZone - Items tagged as: Zend Framework

NestedSetDbTable class

API for managing nested sets of data stored in a database. NestedSetDbTable class extends Zend_Db_Table_Abstract, to provide custom functionality for working with database tables that has hierarchical data in them data.

27 Feb 2010 9:47pm GMT

25 Feb 2010

feedWithCake.com Companies Hiring

London College of Fashion

http://www.fashion.arts.ac.uk

London College of Fashion / University of the Arts London is looking to hire a freelance PHP developer with knowledge of Cake to work on its Showtime portfolio app (http://www.arts.ac.uk/showtime). We do want to meet with prospective developers, so London-based is a requirement. We're also looking for somebody who has a good feel for interface and some enthusiasm for the the creative arts! If interested drop us a line.

25 Feb 2010 5:21pm GMT

feedDevZone - Items tagged as: Zend Framework

Padraic Brady's Blog: PHP Framework Benchmarks: Entertaining But Ultimately Useless

In a new post to his blog Padraic Brady takes a humorous look at benchmarking PHP frameworks in a response to some of the other recent posts from developers on the Symfony and Solar frameworks.

25 Feb 2010 12:50pm GMT

feedsymfony Project Blog

Security Release: 1.2.12, 1.3.3 and 1.4.3

A SQL injection vulnerability in the Doctrine admin generator was reported earlier today which has been addressed in these 1.2.12, 1.3.3 and 1.4.3 security releases. This vulnerability was limited to the Doctrine admin generator and did not affect the Propel admin generator or any other aspect of symfony's Doctrine integration.

We recommend all projects that use the Doctrine admin generator upgrade to these latest versions immediately.

The vulnerability

The admin generator in sfDoctrinePlugin was not properly filtering the GET request parameter that switches the sort order on record listing pages. By manipulating this parameter in the URL, it was possible to inject arbitrary SQL into the query that populates the list page. We have closed this hole by applying a simple whitelist filter which checks that this parameter is either "asc" or "desc," case-insensitive.

How to report a security issue

It behooves us all to review the process for reporting a security issue to the symfony core team. This process, described on the symfony wiki, is set aside from reporting other issues with the symfony code because security issues require special consideration. If you find a security vulnerability, please do not post to the symfony-users mailing list. Instead, send an email to security [at] symfony-project [dot] com describing the vulnerability and it will quickly be qualified and addressed. Once a fix is released, the vulnerability and fix will be announced on this blog.

How to upgrade

If you've checked out a copy of the a tag from Subversion, switch to the latest.

// symfony 1.2
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_2_12

// symfony 1.3
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_3_3

// symfony 1.4
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_4_3

If you are using the pear package then do this works for you.

// symfony 1.2
$ pear upgrade symfony/symfony-1.2.12

// symfony 1.3
$ pear upgrade symfony/symfony-1.3.3

// symfony 1.4
$ pear upgrade symfony/symfony-1.4.3

Once that's complete, clear your project's cache.

$ php symfony cache:clear

If you'd prefer to download the security fix as a patch, you may do so for the 1.2, 1.3 or 1.4 branches.

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

25 Feb 2010 7:47am GMT

feedDevZone - Items tagged as: Zend Framework

Cal Evans' Blog: How I got Zend_Tool working on Windows

A few version back the Zend Framework introduced a handy component that can help you get a Zend Framework started quickly - Zend_Tool (and the command line "zf"). It works like a charm on unix-based systems, but has some quirks about it on Windows. To help with the situation, Cal Evans has posted a guide on Zend_Tool and how he got it working on his Windows 7 platform.

25 Feb 2010 12:43am GMT

24 Feb 2010

feedDevZone - Items tagged as: Zend Framework

Zend Framework 1.10.2 Released

On behalf of the Zend Framework community, I'm pleased to announce the immediate availability of Zend Framework 1.10.2, our second maintenance release in the 1.10 series. You can download it from our downloads page: http://framework.zend.com/download/latest This release includes approximately 50 bugfixes, the majority of which were contributed during our Bug Hunt Days last week (more information on that in the days to come). The fixes contributed are helping stabilize and improve this release.

24 Feb 2010 11:04pm GMT

23 Feb 2010

feedCI News

EllisLab @ SXSW 2010 and You

Over the course of the last few years we have gradually changed our approach to SXSW, preferring to move toward a small-group discussion format.

This is a great move for EllisLab and for the community; there is an immeasurable value to this discourse. This year we are excited to continue with this format and to add to it; this year, you, through the services at UserVoice, will have the opportunity to choose where we meet and what we discuss.

Read the full details on the ExpressionEngine blog (direct link to entry). Of particular note for CodeIgniter users, we will will be offering private Lunch with EllisLab events to exceptional contributors to the community, including those who run CodeIgniter community sites. This is your opportunity to tell us what we can do to support your endeavor while enjoying a meal on our tab.

(Note: user your CodeIgniter.com account to log in to the ExpressionEngine.com forums)

23 Feb 2010 7:34pm GMT

22 Feb 2010

feedDevZone - Items tagged as: Zend Framework

Adrian Schneider's Blog: Zend Framework Models - Part 1: Concepts

Adrian Schneider has started up a new series of posts on his blog today with part of of his look at models in the Zend Framework .

22 Feb 2010 6:54pm GMT

21 Feb 2010

feedsymfony Project Blog

Symfony Live Community Response

A conference such as Symfony Live always generates a lot of buzz. Especially when there are interesting announcements or rumours are made. This post will give you an overview of the community response to Symfony Live from various blogs and social networks.

Blogposts

A lot of people write about their experience at a conference like Symfony Live. Below is a list of blogposts about Symfony Live.

Dutch

English

French

German

Russian

Ukrainian

Did you write a blogpost about Symfony Live 2010, and was it not included in this list? Please link your post in the comments and we'll add it

Flickr

Many of the PHP community are (amateur) photographers. And you can see that by the amount of photos published of the Symfony Live conference.

Did you make pictures and publish them somewhere, and are they not included in this list? Please link your photos in the comments and we'll add them

Video

Did you make a video and publish it somewhere, but isn't included in this list? Please link your video in the comments and we'll add it

Twitter

The most direct feedback you can get is from Twitter these days and indeed there were quite a lot of tweets about Symfony Live. The following is an overview of some awesome tweets that used the official #sflive2010 tag:

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

21 Feb 2010 9:45pm GMT

A week of symfony #164 (15->21 February 2010)

Symfony Live 2010 conference took place this week, resulting in astonishing success. Symfony 2 preview was released during the conference and it's been praised afterwards in hundreds of blog posts and tweets.

Development mailing list

Development highlights

Symfony 1.X branch:

Symfony 2.X branch:

...and many other changes

Development digest: 142 changesets, 26 bugs reported, 40 bugs fixed, 1 enhancement closed, 13 documentation defects reported, 4 documentation defects fixed, and 23 documentation edits.

Documentation

New Job Postings

New developers for hire

New symfony bloggers

Plugins

New symfony powered websites

They talked about us

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

21 Feb 2010 9:28pm GMT

19 Feb 2010

feedsymfony Project Blog

Symfony Live Day 2

For the second day of this Symfony Live, management was easier because everybody knew the place, people coming from far away were less jet-lagged which was better to follow the upcoming sessions! Moreover, for the staff we were, people could fortunately enter the place without queuing because of us!

Sessions began with Lukas and Jordi who described us how they used symfony components like yaml, event dispatcher or request handler out of symfony. Beyond the pure usage, they described how they managed the integration inside the Okapi project and how they contributed to enhance the yaml component for example.

Then, Xavier made his best to present how to optimize PHP code. The session was fully understandable and based on the use of tools PHP developers would use more often to be sure they optimize what is valuable. On the top of that, he described the common things he learned during his investigations.

Right after the pause, everybody took a deep breath to dive in GIT world for a while. GIT is not so simple to use but, maybe thanks to Scott, I have been impressed by the simplicity over possibilities GIT provides. For us being attendees on Thursday at the one-day-GIT training, he definitely convinced us GIT usage is really made to help us along everyday-code-management tasks.

The following presentation was made by Matthew from Zend. His talk was first showing how it is easy to integrate Zend components in symfony. Then, he draw a map of what can be used from Zend framework. After his talk, I think some of us will soon play with the Zend Queues or some services components like the newly stable Zend_GData.

After lunch, Marcos reported how he implemented a symfony-based CMS for a publishing company.

Then Dennis came back on stage to clarify definitely the cases when to use event notifications, what their limits also.

Kris followed to tell us with some examples how it is cool to publish a symfony application to the cloud. He gave then some tricks to manage applications on top of highly distributed architectures. Nice feedbacks about Doctrine multiple connections for read/write split, CDN management and testing clues were happily provided by Kris, sometimes (surprisingly?) based on Zend components...

Then, Alvaro took the microphone to describe how he optimized a symfony application while encountering some high traffic at his company. Along all the issues Alvaro and the team had to cope with, he explained how they investigated and solved them with an impressive list of tools like CouchDB for log management, XHProf to profile the application, Tsung to benchmark it.

Then, Dustin presented the reasons that led Yahoo! to choose symfony. Adapting it to make it become ysymfony, he emphasized the good reasons why they migrated Yahoo Bookmarks, then Answers and Delicious in the end. After the migration presentations, he presented the interesting Yahoo! developper tools of the Yahoo! developper network and how it eases integration of external public data thanks to YQL. Then, Dustin gave some useful tips to help on scaling with PHP/symfony environments.

And to top it all off, Fabien came for the fairly long-awaited presentation of Symfony 2 (beware the capital S of Symfony that time, no way to mix). Still in development, Fabien presented the stable core of Symfony 2 which is Fast as hell ! Not to tease you anymore without giving you anything, the code and a quick tutorial have been published. To begin, we recommend you to visit the new Symfony reloaded site and to follow the tutorial to see how easy it is to develop with Symfony 2.

Videos in high quality will come, don't be disappointed! Of course, you will hear about it more and more during 2010 and be sure it will make some noise!

OkAPI meet symfony, symfony meet OkAPI
View more presentations from Lukas Smith.
PHP Performance SfLive 2010
View more presentations from Xavier De Cock.
Git 101 Presentation
View more presentations from Scott Chacon.
Using Zend Framework with Symfony
View more presentations from Matthew Weier O'Phinney.
Implementing a Symfony Based CMS in a Publishing Company
View more presentations from Marcos Labad.
symfony live 2010 - Using symfony events to create clean class interfaces
View more presentations from denderello.
Symfony in the Cloud
View more presentations from Kris Wallsmith.
Debugging and Profiling Symfony Apps
View more presentations from old_sound.
Building A Platform From Open Source At Yahoo
View more presentations from Dustin Whittle.
Symfony 2.0 revealed
View more presentations from Fabien Potencier.
Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

19 Feb 2010 7:00pm GMT

17 Feb 2010

feedsymfony Project Blog

"symfony 1.2 is not supported anymore"

symfony 1.4 is the current Long Term Support release that will get bugfixes for 3 years.

symfony 1.2 was released December 1st 2008 and now deserves its rest. It was a major milestone release for symfony bridging the gap between 1.0 and 1.4. Based on the community feedback we decided to prolong its support to ease transition. This transition period however is now over. symfony 1.2 will no longer receive updates from the core team, 1.2.11 is the last release of that branch. We will focus on driving Symfony 2 from now on, while still maintaining 1.3 and 1.4.

I would like to thank you for your feedback on "my" release and hope Kris will serve you well (ok, to be fair, I will still help him) on symfony 1.3 and 1.4.

And if you like it hacky and unstable like me, join my on the Symfony 2 alpha train ;-)

Yours sincerely,

Fabian

former symfony 1.2 Release Manager

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

17 Feb 2010 9:40pm GMT

Symfony Live Day 1

Here is half of the way done at the moment. Symfony Live this year made us think our speakers can begin to live their own rock star life (see symfony stickers and you will feel confident about it). Yesterday morning at 8, some people were already waiting for their badge. Actually, they were right on time okay because the registration was beginning at 8... Unexpectedly it made us think at the first impression that the event were pushed from start by a high community pressure. For us, we could not be more pleased to see it.

Anyway... first issues were badge problems and #twitter would say far better than me what was the overall feeling about wifi connection. Anyway, after lunch, everybody pushed behind the not-so-unsignificant logistical problems.

The program of this tuesday was full of various subjects. Focusing on technical matters, we saw two interesting admin generator based sessions

Concerning I18N, Thomas Rabaix gave some methods to internationalize applications thanks to symfony core tools and plugins to ease the translation tasks.

A quite hard to build presentation aimed on symfony internals was held also by Geoffrey Bachelet.

The most important presentation of the day had been done to definitely know what Jonathan Wage has in mind to stabilize the upcoming Doctrine 2. Apart from this view of the future, the everyday task of making database schema migrations had been held by Dennis Benkert. Beyond giving some tips for command-line tools, he focused on how to migrate systematically and peacefully with Doctrine 1.2 migration tools based on good methods.

Then, the afternoon period went on with community aspects : how to contribute and what the core team makes with symfony for now and on. This part is quite important for the strength of the community. Microsoft making a chapter in 'More with symfony' book, beeing sfLive sponsor and holding a session about their Azure product used with PHP is a proof of that.

Find the slides of this Tuesday below. They are fully here for you to feel as you were here with us : enjoy your reading! To even improve your remote user experience, the sessions had been filmed starting from the afternoon. For the lucky ones being at symfony live, be prepared for today : it will reserve a bunch of other nice things.

Feel free to follow #sflive2010 in realtime and join us at the Github meetup tomorrow evening for the feedbacks and preparation of the GIT training session of Thursday!

Internationalization with the symfony framework
View more presentations from th0masr.
Working With The Admin Generator
View more presentations from jcleveley.
PHP, Cloud And Microsoft Symfony Live 2010
View more presentations from guest5a7126.
Symfony Internals
View more presentations from ubermuda.
symfony Live 2010 - Using Doctrine Migrations
View more presentations from denderello.
Doctrine 2 - Not The Same Old Php Orm
View more presentations from Jonathan Wage.
An offline admin generator with HTML 5 and Gears
View more presentations from Thomas Parisot.
The Symfony Community - How to (get) help
View more presentations from Stefan Koopmanschap.
Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

17 Feb 2010 8:29am GMT

16 Feb 2010

feedDevZone - Items tagged as: Zend Framework

PHPBuilder.com: Create a Unit Conversion Application w/the Zend_Measure Component

On PHPBulder.com there's a new tutorial posted showing you how to create an application that can do unit conversion with the help of the Zend_Measure component of the Zend Framework .

16 Feb 2010 4:31pm GMT

14 Feb 2010

feedsymfony Project Blog

A week of symfony #163 (8->14 February 2010)

Symfony published this week three new maintainance releases of its 1.2, 1.3 and 1.4 branches. Next week, the Symfony Live 2010 conference will host tens of sessions, workshops and social events attended by hundreds of symfony fans. Moreover, the first alpha version of Symfony 2 will be previewed during the conference.

Development mailing list

Development highlights

Symfony 1.X branch:

Symfony 2.X branch:

sfDoctrinePlugin:

sfPropelPlugin:

...and many other changes

Development digest: 344 changesets, 28 bugs reported, 50 bugs fixed, 6 enhancements suggested, 12 enhancements closed, 6 documentation defects reported, 5 documentation defects fixed, and 12 documentation edits.

Documentation

New Job Postings

New symfony bloggers

Plugins

New symfony powered websites

They talked about us

Be trained by symfony experts - Mar 24 Paris - Apr 12 Paris - Apr 21 Paris

14 Feb 2010 9:30pm GMT

04 Feb 2010

feedCI News

Subversion Server Change

Our Subversion repositories have moved. Please update your repositories or check out new ones from the new location: http://svn.ellislab.com/CodeIgniter/trunk

As always, information about our Subversion repositories can be found on the download page and installation instructions.

04 Feb 2010 4:28pm GMT

17 Jan 2010

feedcakebaker

Rails 3 and Passenger

This weekend the RailsBridge people have organized a bugmash with the motto "Do One Thing for Rails 3″, and so I took the opportunity to experiment a bit with the coming Rails 3. After following the instructions for creating a new Rails 3 app (using the -database=mysql parameter for the "rails" command) I noticed that the [...]

17 Jan 2010 9:46am GMT

31 Dec 2009

feedcakebaker

Accepting the Google OpenID with PHP OpenID

If you are using the PHP OpenID library (which is also used by my OpenID component for CakePHP), it is possible that you get an "Invalid OpenID" error when you try to login with the Google OpenID (https://www.google.com/accounts/o8/id), or any other OpenID that uses "https". In this case, the following steps might help to fix this [...]

31 Dec 2009 4:45pm GMT

12 Dec 2009

feedcakebaker

Attribute Exchange support for the OpenID component

The OpenID Attribute Exchange specification (or AX for short) has been around for quite a while, though I ignored it so far because at the time it was introduced (almost) no OpenID provider supported it. However, after Yahoo! announced they support Attribute Exchange, and someone recently mentioned it in a mail, it was time for [...]

12 Dec 2009 5:30pm GMT

06 Dec 2009

feedCI News

CodeIgniter Community Chieftain Jamie Rumbelow

We're happy to announce the next CodeIgniter Community Chieftain, Jamie Rumbelow! This invitation only volunteer program focuses on identifying stellar examples from the community, and letting them utilize their strengths to help maintain the community and act as a liaison when needed to EllisLab.

Jamie will be taking the reigns from our first Community Chieftain, Michael Wales. Thanks Mike for your year and a half of volunteer service, and welcome aboard, Jamie!

06 Dec 2009 6:49pm GMT

27 Nov 2009

feedcakebaker

Render partial from an atom builder view

Thanks to the built-in AtomFeedHelper it is quite easy to generate an atom feed with Rails. Here an example from the API: # app/views/posts/index.atom.builder atom_feed do |feed| feed.title("My great blog!") feed.updated(@posts.first.created_at) @posts.each do |post| feed.entry(post) do |entry| entry.title(post.title) entry.content(post.body, :type => [...]

27 Nov 2009 4:15pm GMT

20 Nov 2009

feedcakebaker

Link-like buttons

Sometimes you want to make a button look like a link. For example, in an admin interface you might want to have "links" to edit and delete articles. The "edit" link will be a normal link. But for the "delete" link you "cannot" use a normal link, because a delete action changes the state on [...]

20 Nov 2009 8:05am GMT

12 Nov 2009

feedcakebaker

Don’t apologize for being a newbie

On mailing lists or in private mails I sometimes read statements like "I am sorry, but I am a newbie" or "Sorry for this newbie question". And I always wonder why do those people apologize for not being proficient? It is ok to be new and inexperienced with a framework/programming language/whatever. Everyone of us is from [...]

12 Nov 2009 4:16pm GMT

23 Oct 2009

feedcakebaker

The end of CakePHP?

Today, Nate Abele, lead developer of CakePHP, announced in a cryptic tweet that he leaves the project. This comes shortly after Gwoo, the project manager, left the project, too. It seems like they started to work on a fork of Cake3 called "Lithium". On Twitter people are a bit puzzled about those events, some even [...]

23 Oct 2009 2:49pm GMT

16 Oct 2009

feedcakebaker

My tool box

In the last few days several people in the Rails world wrote about their "tools of the trade". And as I have never written about the tools I use, I think it is a good time to do it now. There isn't much to say about the hardware I use: my only machine is a Dual-Core [...]

16 Oct 2009 3:54pm GMT

14 Sep 2009

feedcakebaker

Rails 2.3.4 and Ruby 1.9.1

This morning, the Ruby package for Arch Linux was upgraded from version 1.8.7 to 1.9.1. Unfortunately, after the upgrade all Rails applications (using Rails 2.3.4) stopped to work and showed an error like: undefined method `^' for "b":String (NoMethodError) Fortunately, I am not the first one who encountered this issue, and so it is already fixed in [...]

14 Sep 2009 9:43am GMT

11 Sep 2009

feedCI News

CodeIgniter v1.7.2 Released

EllisLab is pleased to release CodeIgniter version 1.7.2 for ready download. What's new? Among other changes:

Version 1.7.2 has been baking in the subversion for quite some time, and has been compatible with PHP 5.3.0 since late July, but many users understandably haven't been running from the in-development version. While I'd have liked to have had time to add a few more "big ticket" items to this release, making it 1.8, time is a cruel mistress. Many of our users develop on Macs, and OS X Snow Leopard ships with PHP 5.3.0, so we felt is was more important to push out this stable maintenance release instead of waiting for an even later date - it's been almost seven months since a refresh, afterall. But there are still a few good surprises, and welcome changes. Enjoy!

11 Sep 2009 3:03pm GMT

08 Sep 2009

feedcakebaker

Extending CakePHP’s core components

In a recent comment David Cournoyer shared a tip about extending CakePHP's core components and I think it could also be useful for others. Let's say we want to add a method to the request handler component. And so we create a new class which inherits from the request handler component: // app/controllers/components/my_request_handler.php App::import('Component', 'RequestHandler'); class MyRequestHandlerComponent extends [...]

08 Sep 2009 6:12am GMT

11 Feb 2009

feedCI News

CodeIgniter 1.7.1 Released

CodeIgniter Version 1.7.1 has been released. This version contains many new features and enhancements, as well as nearly three dozen bug fixes. It also includes a critical security update for applications using the new Form Validation library with field arrays. For a list of all changes please see the Change Log.

If you are currently running CodeIgniter please read the update instructions.

Note: If your browser does not display the 1.7.1 user guide please clear your cache and reload the page.

11 Feb 2009 1:24am GMT

23 Oct 2008

feedCI News

CodeIgniter 1.7.0 Released

CodeIgniter Version 1.7 has been released. This version contains a number of new features and enhancements, as well as many small improvements and bug fixes. For a list of all changes please see the Change Log.

If you are currently running CodeIgniter please read the update instructions.

Note: If your browser does not display the 1.7 user guide please clear your cache and reload the page.

23 Oct 2008 11:48pm GMT

15 Aug 2008

feedCI News

CodeIgniter Community Voice - HOWTO: Set up a CodeIgniter project in Subversion

EllisLab is blessed with two of the greatest communities that can be found anywhere on the internet in ExpressionEngine and more recently CodeIgniter. Despite being a relative newcomer to the scene, the people attracted to CodeIgniter are among the smartest, most talented and down-to-earth developers around today. From time to time we want to highlight some of these talented people, and we've asked them to lend their voice to ours. Have your voice. I hope you enjoy what they have to say as much as I did.

This week, our Community Voice author is Bruce Alderson, known on the forums as madmaxx, who has written a wonderful guide on how he uses subversion with CodeIgniter. Bruce is an elder web monkey and systems programmer. He totally digs the craft of building software, making cool stuff, and causing people to laugh so hard liquids are forced from their nose. He's currently the Chief Monkey at Discovery Software and author of the not-at-all famous robotpony.ca. (Go read the one about shaving your yak)

After working with CodeIgniter for a few months (and WordPress for a few years), I've settled on a way to set up web projects that works well for development, deployment, and source control. Note that this style of layout only works on systems like Mac and Linux that have useful symlinks.

First, the folder layout

some-domain.com/
app/
config/
controllers/
(etc)
public/
.htaccess -> ../site-extras/.htaccess
favicon.ico -> ../site-extras/favicon.ico
js/ -> ../site-extras/js
images/ -> ../site-extras/images
system/
application/ -> ../../app/
site-extras/
js/
images/
.htaccess

The layout favours a vhost setup, and splits your code and resources out of the CodeIgniter sources. Splitting your stuff from the CodeIgniter stuff lets you link your Subversion repository to theirs, so that you can keep it in sync with their development.

How it's done

  1. Set up your source tree (not including the symlinks or CodeIgniter source) and add to your Subversion repo.
  2. Add a svn link to CodeIgniter's repo (via svn propedit svn:externals, with public http://dev.ellislab.com/svn/CodeIgniter/tags/v1.6.2/) and run a svn update to grab the framework. See the Subversion docs for details.
  3. Copy the CI application folder to the site root (as app), remove the .svn folders, symlink to application, and add it to your local svn repo.
  4. Symlink the other site-extras to the public webserver root, and configure your local machine (and public webserver) to point to this root for the domain's virtual host setup.
  5. Alternatively, you can modify the $application_path to point to ../public/app/ (I'm not sure which is better yet). See the CodeIgniter docs on apps for more details.

You now have a CodeIgnitor project ready for development. You can keep up-to-date with CodeIgniter updates, deploy easily, and get at your code without wading through extra levels of hierarchy.


Discuss this article

15 Aug 2008 11:49am GMT

31 Jul 2008

feedCI News

CodeIgniter Community Voice - Generating PDF files using CodeIgniter

EllisLab is blessed with two of the greatest communities that can be found anywhere on the internet in ExpressionEngine and more recently CodeIgniter. Despite being a relative newcomer to the scene, the people attracted to CodeIgniter are among the smartest, most talented and down-to-earth developers around today. From time to time we want to highlight some of these talented people, and we've asked them to lend their voice to ours. Have your voice. I hope you enjoy what they have to say as much as I did.

This week, our Community Voice author is Chris Monnat, known on the forums as mrtopher, who writes a helpful step by step guide to generating PDF files from CodeIgniter. Chris is a full time web application developer and part time entrepreneur. In addition to building web sites for the medical industry during the day, at night Chris also runs his own development company Left of Center Communications. He recently started a personal blog at http://www.chrismonnat.com where he keeps a record of his exploits and discusses, among other things, CodeIgniter.

PDF files rock! Some of the programs used to view them could use some work, but the file format itself is real handy. As a programmer I have found PDF's to be most helpful when generating reports that need to be printable. I know we are all supposed to be doing our part to make our offices "greener" and use less resources like paper. But some things just need to be printed (especially when your talking about the financial and legal industries).

When generating reports in PDF format you suddenly have a lot more control over layout and design than you do with plain old HTML and CSS (although much progress is being made with print style sheets). You can create some really nice reports on the fly that your users can view, save for later or e-mail to their co-workers for review. In this post I will show you how I generate PDF reports using CodeIgniter.

Quick Note

There are a number of PHP libraries out there for generating PDF files (like FPDF, Panda and dompdf) but the best one I have come across is the R&OS pdf class. I was first introduced to it from the PHP Anthology first edition by Harry Fuecks. I have tried other PDF libraries (some PHP 5 specific and some not) and none of them have been able to provide me with the same control or ease of use that the R&OS class has which is why I'm using it for this tutorial.

Getting Started

Before we start, lets get everyone to the same place so you can follow along as we go. I've prepared a .zip file containing everything you'll need to follow along. The archive includes CI 1.6.3 along with all the code and libraries we will discuss in this tutorial. Simply download the archive, unzip it on your web server and follow along.

I have done all the work of downloading the code library and putting the files in their right place for you, but I wanted to mention where things were for the detail oriented among you. There are 2 files that are necessary in order to use the R&OS library: class.ezpdf.php and class.pdf.php. Those two files have been placed in the application/library folder. R&OS also requires some font files in order to function and they have been placed at the root of the .zip file in a folder called fonts.

You do have to make a minor modification to the class.ezpdf.php file so that it will work properly within CI. First I renamed the file to cezpdf.php, which makes it easier to load using the CI loader. Then you have to modify the include statement on line 3 to:

include_once(APPPATH . 'libraries/class.pdf.php');

This will keep PHP from saying that it can't find included file. Once those modifications are made the R&OS class is ready to use with CI.

In the archive, I have also made a controller called tutorial.php and a helper called pdf_helper.php both in their respective directories. With the background info. out of the way, lets get our hands dirty with a real simple example.

Hello World

function hello_world()
{
$this->load->library('cezpdf');

$this->cezpdf->ezText('Hello World', 12, array('justification' => 'center'));
$this->cezpdf->ezSetDy(-10);

$content = 'The quick, brown fox jumps over a lazy dog. DJs flock by when MTV ax quiz prog.
Junk MTV quiz graced by fox whelps. Bawds jog, flick quartz, vex nymphs.';

$this->cezpdf->ezText($content, 10);

$this->cezpdf->ezStream();
}

The above code produces a PDF file like this. In the above, first thing we do is load the R&OS library for use. Next we use the ezText() function to create a title for our document. This function takes the text it will display as the first argument, the size of that text and an optional array of additional configuration options. In this instance we pass along a justification option of center. That will center our title at the top of our document. After the title we insert some extra white space using the ezSetDy() function. After the whites pace we put the rest of the content for the document in a variable called $content and add it to our document using the ezText() function again. Finally, we create our document using the ezStream() function which actually creates the document and sends it to the users which prompts them to view/download the generated PDF document.

Handling Tabular Data

When your dealing with business reports the odds are good that you will need to generate reports with tables to display tabular data. From my experience with other PDF libraries, this is not an easy task. But with the R&OS library it's about as hard as creating an array.

function tables()
{
$this->load->library('cezpdf');

$db_data[] = array('name' => 'Jon Doe', 'phone' => '111-222-3333', 'email' => 'jdoe@someplace.com');
$db_data[] = array('name' => 'Jane Doe', 'phone' => '222-333-4444', 'email' => 'jane.doe@something.com');
$db_data[] = array('name' => 'Jon Smith', 'phone' => '333-444-5555', 'email' => 'jsmith@someplacepsecial.com');

$col_names = array(
'name' => 'Name',
'phone' => 'Phone Number',
'email' => 'E-mail Address'
);

$this->cezpdf->ezTable($table_data, $col_names, 'Contact List', array('width'=>550));
$this->cezpdf->ezStream();
}

The above code should produce a PDF file like this. In the above code I create an array of data called $db_data. I put this together so that it imitates a typical database result set because that's usually where you will be getting your data from. Below my data array I have created a $col_names array that associates the data elements in the $db_data array with a column title for the table. This is where the R&OS gets the title to display at the top of each table column. Once I have the data and column titles I create the table by calling the ezTable() function. This function takes the data array, an associative array for column names, the title for the table and an optional array of configuration options. There are a number of options that can be configured through that last optional array, but I'm not going to go into them in this tutorial.

Headers and Footers

Most reports in a corporate setting come with some kind of standard header and/or footer. They can include anything from the date/time generated, the user who generated them, to page numbers and the like. Headers and footers are handy to have, but unfortunately there isn't a real good way to add them to printable reports generated in HTML and CSS. There's one more reason to use the portable document format when creating printable reports. The process of adding headers and footers to a PDF using the R&OS library is the slightest bit complicated. There are a lot of lines of code just to accomplish it, that's why I have created a helper file. Since the code is in a helper function, you just need load the helper and call the function whenever you need to add headers/footers to a PDF.

function prep_pdf($orientation = 'portrait')
{
$CI = & get_instance();

$CI->cezpdf->selectFont(base_url() . '/fonts');

$all = $CI->cezpdf->openObject();
$CI->cezpdf->saveState();
$CI->cezpdf->setStrokeColor(0,0,0,1);
if($orientation == 'portrait') {
$CI->cezpdf->ezSetMargins(50,70,50,50);
$CI->cezpdf->ezStartPageNumbers(500,28,8,'','{PAGENUM}',1);
$CI->cezpdf->line(20,40,578,40);
$CI->cezpdf->addText(50,32,8,'Printed on ' . date('m/d/Y h:i:s a'));
$CI->cezpdf->addText(50,22,8,'CI PDF Tutorial - http://www.christophermonnat.com');
}
else {
$CI->cezpdf->ezStartPageNumbers(750,28,8,'','{PAGENUM}',1);
$CI->cezpdf->line(20,40,800,40);
$CI->cezpdf->addText(50,32,8,'Printed on '.date('m/d/Y h:i:s a'));
$CI->cezpdf->addText(50,22,8,'CI PDF Tutorial - http://www.christophermonnat.com');
}
$CI->cezpdf->restoreState();
$CI->cezpdf->closeObject();
$CI->cezpdf->addObject($all,'all');
}

An example of how I use this helper is provided in the headers() function of the tutorial.php controller. That code produces a PDF file like this. The above code is the prep_pdf() function located in the pdf_helper.php file. This function does all the hard work of creating a footer for my PDF reports for me. All I have to do is load the helper in my controller and call the function. Since the reports could be portrait or landscape I have also included the ability to pass the orientation to the function and the code will modify the document margins accordingly. I'm not going to go into a lot of detail about the above code because this tutorial could become very long. But the general idea is that I'm using the R&OS library to modify the margins of the document I'm creating, add page numbers and text to the very bottom of the document. R&OS has some functions that makes this easy like ezStartPageNumbers() and line(). Once all that is done I can add any kind of content to the document back in my controller and then just call ezStream() to generate the final document.

Wrap Up

I barely scratched the surface of what you can do with the R&OS PDF library in this tutorial. I encourage you to spend some quality time with the readme.pdf documentation file that comes with the library when you download it. That file goes over all the functions and their options in great detail. So there you have it, generating PDF files with CodeIgniter and the R&OS library. If this method doesn't quite do it for you, there are a few helpful articles on the CodeIgniter wiki, like this one and this one, which walk you through some additional options. Whatever solution you choose I hope this tutorial has helped to introduce you to some of the options you have at your disposal for creating PDF reports with CodeIgniter. Discuss this article

31 Jul 2008 4:33pm GMT

21 Jul 2008

feedCI News

CodeIgniter Community Voice - Lee’s Lost Bet

EllisLab is blessed with two of the greatest communities that can be found anywhere on the internet in ExpressionEngine and more recently CodeIgniter. Despite being a relative newcomer to the scene, the people attracted to CodeIgniter are among the smartest, most talented and down-to-earth developers around today. From time to time we want to highlight some of these talented people, and we've asked them to lend their voice to ours. Have your voice. I hope you enjoy what they have to say as much as I did.

This week, our Community Voice author is Lee Tengum, who discusses how CodeIgniter has cost him over $8,800 in beer and soft drinks. Lee is a bit of a serial entrepreneur, with 5 successful startups under his belt including the recently launched http://cleverandy.com. He has become something of a cookie! jar of startup knowledge. When he is not managing his team of contractors he blogs about the trials and tribulations of his startups at http://tumbledry.ca.

It all started with an idea at 4 a.m. on a Tuesday morning that brought us to CodeIgniter.
We were neck deep in a deadline and sinking fast. We knew we needed help.
After puling some strings that bought some time we quit work for a week - well, client work at least. There were our own issues to solve.

We had amassed a team of roughly 14 at this point and had no way to efficiently manage who was doing what for how much and how long; in fact we were often surprised by code submissions.
That's a sad place to be.

We had been building in the 'flavor of the weak' when it came to frameworks and often chose whatever the contractor was fluent in to save time (which != saved money).

Not only were we not communicating, but we were reinventing the wheel for every project. Have I mentioned how sad of a place that is to be?

Back to 4 a.m.

Doug is one of my closest friends, and a trusted peer. He suggested we should develop a contractor management system and that we should build it all on CodeIgniter. At this time I hadn't seen sleep in nearly a day, consumed almost seven liters of coffee, the "development tub" was empty and we were trying to finish a RoR project that a contractor bailed on. I didn't want to hear about another &^%in framework, I just wanted this to be done.

Thankfully my friend couldn't understand the word "no" and kept pressing. He went on about how anyone with knowledge of PHP can build with this, its development cycle and the community that was forming around it. I still wasn't convinced but he assured me this would be the last time we changed frameworks and proposed a friendly bet.

I hate that I love gambling. I don't have a problem, per say, but I always lose. The problem is that my pride drives me to bet anyways. Besides I relished the opportunity to prove him wrong.

So the bet was laid. We would build the contractor management system in CI and all client projects for one month with CI. At the end of that month if I wanted to go back to another framework and could justify it rationally with solid points then he would keep the Development Tub full for a full year (a cost of roughly $100/week). If we stayed with Code Igniter I would the one stocking the tub for the next year and I would also have accept his offer to buy into my company and become a partner.

On Wednesday morning we filled the tub (again not a problem… really) and set out to build our app. We outlined what we wanted, mapped it out on the whiteboard, set up a Basecamp project for it, defined our milestones and set Saturday as launch day.

The tub… The tub… again

Beer? Check.
Monster energy drinks? Check.
Coffee? Check.
M&M Peanuts? Check.
Babysitter? Check. (We're parents…)
Pizza? Maybe.
Basecamp set up? Check.
SVN Server? Check.

While I depleted the tub and read the user guide, Doug was getting down to business. By the time I'd figured out how I was going to tackle my portion of the build he'd built the user authentication as well as the management section. Doug was already adding features to our "Wish List" in Basecamp and checking off milestones. Roughly 9 hrs into our project we started completing items on the wish list, which had never happened before. The wish list had never become a checklist before a deadline and I was starting to worry.

In the wee hours of Thursday morning we headed home to sleep. The following day we sent login details to our contractors and set up a basecamp project to log bugs. We fixed the stupid little ones that we missed and made changes on the fly. By the end of the day I had a huge overview of our team of contractors and a vision of things to come. I never did see the 48 hr Milestone reminder emails from Basecamp… again I was seeing a change.

By the end of the month we had more than a few client sites built on CI. We also had a process for development laid out and the term Rapid Development was taking on meaning with me. I was happy, the clients were happy and we had a team we could manage… and then reality sunk in.

I hate losing, even more so I hate losing to people I like winning against. I lost the bet. Though I gained a valuable business partner, a managed team, profitability and a kick ass framework to build it upon… I am forever filling the tub.

And with ExpressionEngine 2 built on CI (Which we are using extensively for client sites now), the tub has gained a lifetime sponsor. Me.

That app was build on 1.4.0 on September 20th 2006 and since then we have revised many things including our checklist:

Beer? Check.
M&M Peanuts? Check.
Basecamp set up? Check.
SVN Server? Check.

See the difference? We don't live at the office any more. CodeIgniter gave us the freedom to build around our needs and wants and it gave us the structure we needed to become more efficient. Just don't bet against CI, it has cost me $8800 and counting…. weekly.

ABOUT LEE

Lee is a bit of a serial entrepreneur, with 5 successful startups under his belt including the recently launched http://cleverandy.com. He has become something of a cookie! jar of startup knowledge. When he is not managing his team of contractors he blogs about the trials and tribulations of his startups at http://tumbledry.ca.

Discuss this article

21 Jul 2008 8:33pm GMT

17 Jul 2008

feedCI News

CodeIgniter Community Chieftain Michael Wales

We're happy to announce a new program for exceptional members of the CodeIgniter community, CodeIgniter Community Chieftains. As the community grows, the EllisLab development team often does not have the time that we would like to interact with the community in various ways, but it's always been a key part of our success. So as the need arises, we have created this program to help keep the wheels greased so to speak, making sure that our forums, wiki, and bug tracker are handling the needs of the community and are properly moderated.

This is an invitation only program as the aforementioned link explains, and we're proud to bring Michael Wales on board as our first CodeIgniter Community Chieftain. Most will need no introduction to Michael as you have likely already encountered him or some of his contributions in the community. Welcome aboard, Michael!

17 Jul 2008 7:33pm GMT

08 Jul 2008

feedCI News

CodeIgniter Brazil

Hermes Alves has launched a CodeIgniter resource in Portuguese, located at codeigniter.com.br. The site includes a discussion forum, mailing-list, and a few other resources. Kudos Hermes!

08 Jul 2008 6:08pm GMT

30 Jun 2008

feedCI News

CodeIgniter Community Voice - Mathew Davies

EllisLab is blessed with two of the greatest communities that can be found anywhere on the internet in ExpressionEngine and more recently CodeIgniter. Despite being a relative newcomer to the scene, the people attracted to CodeIgniter are among the smartest, most talented and down-to-earth developers around today. From time to time we want to highlight some of these talented people, and we've asked them to lend their voice to ours. Have your voice. I hope you enjoy what they have to say as much as I did.

This week, our Community Voice author is Mathew Davies (AKA Popcorn), author of the Redux Authentication library, a light, easy to use and fully featured auth engine. What follows is a brief discussion of some of the logic and security that went into the library, and considerations for your own programming.

Let me start by saying I love CodeIgniter, it's a developers dream. smile

Today I plan to talk about some of the security features that are used within my library : Redux Authentication.

Hash Once and Only Once!

Over at TalkPHP someone provided a code snippet which had this code :

$psd = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST['password']))))))));

I've made a similar mistake myself in the past. Someone on the CodeIgniter forums pointed out that a solution like the above will actually increase the probability of a collision. Here's what inparo had to say :

"It's safer if you only hash it once. The initial string is random in both length and characters. The first sha1 gives you a fixed length and reduced character set. By hashing this again you're actually increasing the probability of collisions."

So there you go folks, hash once. This also leads nicely to my next topic "salts"

Salts

A lot of people when hashing passwords will do something like this :

$password = md5($password);

You may think this is secure, but actually it's very insecure. Websites exist which store hashes of dictionary words, so if your database was ever stolen, the passwords could be looked up and revealed. This is where the power of the password salt comes in. Salts come in two varieties : A dynamic salt and a static salt. A dynamic salt is automatically generated and is usually very hard to guess. A good example of a dynamic salt would be :

$salt = microtime();

It's not totally random, but you get the idea.

You would then concatenate the salt along with the password to provide a new hash. This new hash can't be looked up because of it's "randomness". You would then store it with other user info and select it when you need to log them in.

I know what you're thinking. If the database is stolen they've got the password and the dynamic salt "What good is that?!" This is where a static salt comes in.

A static salt is just that, a variable that is random in both length and characters. This is best stored in a configuration file somewhere. You then combine this with the dynamic salt to provide a very secure solution. Reasons being: (a) If the database is stolen, they are missing the static salt; (b) Two passwords the same will result in a different hash. Here's an example:

$dynamic_salt = microtime();
$static_salt = 'qGPBA8iCM3cUuCbBAQx3E0uOkKTrSeEUiSrAkykEk4sEniyP67Q2BTp8vtDqoqw'; // Grabbed from file.
$password = 'password'; // Password from input form.

$hashed_password = sha1($dynamic_salt.$password.$static_salt); // Super Secure!

Forgotten Password

Ooops, the user has forgotten their password. What are we going to do? Michael Wales made a well informed post about this topic a while ago, but it was recently lost.

The best method is to use a secret question and answer system coupled with email verification.

The logic would be something like this:

User requests new password -> Sends email verification code -> Verification code is looked up in the database -> Show secret question -> Check Answers

I prefer this system because a hacker could of got into your email account and requested a new password, but would then struggle to get your secret question right. Keeping the users account secure.

DB Sessions

This will be a quick talk. At the moment Redux stores a "users_id" in the session cookie and uses this to figure out if the user is logged in or not. A hacker could use the algorithm in CodeIgniter's session library and craft his own cookie with a fake "user_id".

Database sessions move this data from the clients cookie to the database providing a scenario where the client can't edit it. Redux doesn't currently use this, but it is in the works.

Thanks for listening to me babble on, hope you enjoyed it.

PS : All examples above are used in Redux so go download it smile

- Mathew Davies

Discuss this article

30 Jun 2008 9:07pm GMT

26 Jun 2008

feedCI News

CodeIgniter 1.6.3 Maintenance and Security Release

We are happy to release CodeIgniter version 1.6.3 today. Version 1.6.3 is primarily a maintenance release, with a variety of bug fixes and some refinement to existing features (with a few new ones tossed in for good measure). Details of course can be found in the Change Log.

Additionally, with the assistance of an outstanding community member, Pascal Kriete (Inparo), we have identified and eliminated a potential cross-site scripting vulnerability. No known sites have been affected, but as we take security very seriously, we felt it warranted a feature-light point release to help users protect their sites. We cannot thank Pascal enough for the manner in which he reported this issue to us, and then continuing to diligently work with us to make sure the vulnerability was plugged. If you're looking for a fresh set of eyes to do a security audit on your app, he comes highly recommended by the EllisLab staff.

Command line addicts: don't forget that starting with version 1.6.1, the CodeIgniter subversion contains tagged releases!

26 Jun 2008 11:52pm GMT